43d6592911384687a6be68ea17e54862_JaffaCakes118 | Triage

Sharing

General

Target

43d6592911384687a6be68ea17e54862_JaffaCakes118
Size

11KB
MD5

43d6592911384687a6be68ea17e54862
SHA1

a25b12cb21b4bebb012d364aca576b2bd85521f5
SHA256

02bba2aefbae15fa398ed838914e3255dbc630ec5d3c2d32babcd1a42c76f7d7
SHA512

1dbaf85146d991a6992fcfc0bf37d5d8ac9e52db91d117cf9f4be38c16577cce92defa01f68018766ee95957cc79d399bec8f9cbc847d27798719dfcedcd94be
SSDEEP

192:o8RkGjl7HbGabMxfnxgPKiILmkhqMS+YCkQvjelA4:tRZ17GabAxgPKiILnTS+YC5eK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43d6592911384687a6be68ea17e54862_JaffaCakes118

Files

43d6592911384687a6be68ea17e54862_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9cea678b57b747bbff13ef50140b13ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

wininet

InternetConnectA
InternetCloseHandle
FtpGetFileA
InternetOpenA
InternetGetConnectedState

mfc42

ord665
ord1979
ord354

msvcrt

_initterm
_onexit
__dllonexit
time
srand
rand
malloc
sprintf
strlen
__CxxFrameHandler
strcat
memset
strcpy
_stricmp
strcmp
_adjust_fdiv
free

kernel32

Sleep
GetWindowsDirectoryA
GetCurrentDirectoryA
DeleteFileA
GetCommandLineA
OpenProcess
VirtualAllocEx
WriteProcessMemory
LoadLibraryA
GetProcAddress
CreateRemoteThread
GetLastError
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
GetCurrentProcess

advapi32

LookupPrivilegeValueA
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges

shell32

ShellExecuteA

Exports

Exports

DImmcv
Dll_JustWorking

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ